SUMMARY

• Experience in architecting solutions across the enterprise using IAM products at various customer sites.
• Extensive design and implementation experience in Identity and Access Management space.
• Experience in SSO implementations using SAML, OAuth 2.0 & OIDC protocol using products like ISAM, ForgeRock IdM, AM and Ping Federate.
• Experience in cloud based IAM implementations using AWS, Azure AD, Azure PIM, Office365 and Azure B2B/B2C
• Extensive design and implementation experience on risk based Multi Factor Authentication setup for internal /external applications using tools like ISAM, Forge Rock and Ping Federate.
• Expertise in performing IAM assessments, defining solution architectures, and strategic roadmaps.
• Experience in managing privileged identities using Privileged Identity/Access Management products like CyberArk and IBM Privileged Identity Manager.
• Experience with identifying security gaps, providing technical controls and representing customer for internal security audits.
• Extensive working experience in analyzing requirements, designing architecture and executing projects related to Identity and Access management with SSO and building custom framework using Java or .Net.
• Experience in implementation of Role Base Access Controls and Multi - Factor Authentications.
• Excellent customer and partner relationship management skills.
• Management consulting expertise encompass providing end-to-end advisory services for clients from concept through roll-out of IdAM program initiative.
• Knowledge on Apigee Micro Services & AWS infrastructure.
• Knowledge on DevOps tools like Git, Ansible, Azure DevOps, and Jenkins
• Knowledge on other IAM products like SailPoint, Okta & Saviynt.

TECHNICAL SKILLS

• IBM Security Access Manager 9.0.5, IBM Security Identity manager 6, ISAM AAC (Advanced Access Control), Forgerock AM, Forgerock IdM, Okta, CA, Sun Identity Manager, Siteminder & Sailpoint IIQ.
• Ping Federate 8, ISAM Federation 9/
• CyberArk PAM, IBM Security Privileged Identity Management,
• IBM Security Directory Server, Forgerock DS, Sun Directory Servers & Active Directory.
• IBM Security Directory Integrator.
• Apache Tomcat, BEA WebLogic, IBM WebSphere Application Server.
• IBM DB2, My SQL
• Java, J2EE, JavaScript, JSPs, Struts, Spring & XML/XSLT.
• Windows, AIX, Linux and Solaris.
• Qradar, Splunk.
• Shell, Perl & Ansible.

PROFESSIONAL EXPERIENCE

CIAM Architect

Confidential

Environment: IBM Security Identity Manager, IBM Security Access Manager, Ping Federate, CyberArk, Splunk, PING Federate, Java, JavaScript &Web Services.

Responsibilities:

• Lead IAM Architect/Engineer for Customer Identity and Access Management program
• Have put together strategy & roadmap for rolling out privileged identity management to secure & harden enterprise platforms, operating systems, applications and databases.
• Implemented SSO integrations, MFA and user journeys for customers.
• Design and develop CI/CD process for IAM infrastructure and deployment automation
• Develop IdM orchestration flows for registration, self-service and provisioningManage co-ordination of the partners and working groups engaged in project work.
• Provide weekly status reports to the project sponsor.
• Design and Implement multiple federated connections using OAuth2.0 and OIDC protocols in ISAM AAC and Ping Federate.
• Implement Clustering, High Availability on Access Manager Application.
• Provide & Implement SSO (Single-sign on) solutions to multiple internal/external partners using Ping Federate.
• Preserve assets by implementing disaster recovery and back-up procedures and information security and control structures.
• Manage the deployments of different applications to multiple environments.
• Provide technical support for implemented applications; diagnosing and reporting bugs, applying patches and upgrades as needed.Lead efforts to stabilize the systems and provide client with a long-terms security and IAM direction that meets current and future risks and threats.
• Lead the L2 production support activities and monthly maintenance activities
• Perform the technical leadership for solving complex programming tasks.
• Integrate Security Access Manager Audit logs with Splunk application.
• Guide and mentor to other team members in design and development.
• Maintain quality service by establishing and enforcing organization security standards.
• Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.

IAM Security Consultant

Confidential

Environment: Forgerock AM, IBM Security Identity Manager, IBM Tivoli Directory Integrator, IBM Tivoli Directory Server, Java, and JavaScript.

Responsibilities:

• Requirement gathering and organize business meeting
• Lead the design, development and implementation of highly-scalable Identity and Access Management solutions using ForgeRock's Open Access Manager and IBM Security Identity Manager Suite.
• Designed and developed custom adapters for VMS system and ABS.
• Developed VMS Identity Framework using open source open Identity Framework API to connect and perform the operations in VMS system.
• Developed adapters to communicate from ISIM 6.0 to VMS system using TDI and VMS Identity Framework API.
• Installed and configured the custom adapters in ISIM 6.0.
• Created Provisioning policies, Adoption Rules, ACIs and Workflows to manage user life cycle operation

IAM Lead Engineer

Confidential

Environment: IBM Security Identity Manager, IBM Tivoli Directory Integrator, IBM Tivoli Directory Server, IBM Security Privileged Identity Manager, Microsoft Active Directory, Java, JavaScript, Web Services.

Responsibilities:

• Design & Develop RBAC (Role based access control) solution using ISIM 6.0.
• Implement the privileged identity manager solution to audit and manage privileged IDs.
• Configured the solution of DPRA (Desktop Password Reset Assistant) and self-service password reset functionality for all end users at SRP.
• Migrated the identity management system from TIM 5.1 to ISIM 6.0.
• Integrated the Pathlore (Learning Portal) systems to ISIM 6.0 to manage identities.
• Migrated custom adapters to support with ISIM 6.0.
• Managed deployment to multiple environments.
• Provided technical support for implemented applications; diagnosing and reporting bugs, applying patches and upgrades as needed.